Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3138392e302f32342d3234203d3e20323031333431.roa
File: 3135332e39322e3138392e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: NSyg/VdSkz7Srmr3vVkkXJEkkESrUl/lT1PHlQAyZTA=
Subject key identifier: 57:15:F4:16:06:48:76:28:32:B1:E6:F5:62:F8:12:F6:46:C2:1C:2E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 685E94431D268EF19615FD6A1699A013D0A6708A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3138392e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 26 Feb 2024 08:53:16 +0000
ROA not before: Mon 26 Feb 2024 08:48:16 +0000
ROA not after: Mon 24 Feb 2025 08:53:16 +0000
asID: 201341
IP address blocks: 153.92.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:5e:94:43:1d:26:8e:f1:96:15:fd:6a:16:99:a0:13:d0:a6:70:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:16 2024 GMT
Not After : Feb 24 08:53:16 2025 GMT
Subject: CN=5715F4160648762832B1E6F562F812F646C21C2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:57:36:f2:fd:21:95:d4:3f:62:32:0a:51:a5:
da:f1:a9:2a:21:52:76:5a:a4:8e:3d:f7:a6:2a:71:
31:b1:12:08:8a:90:4f:f1:7a:87:a1:38:81:79:f5:
7c:b5:03:ae:4a:9e:34:19:1a:26:61:14:e2:ba:3a:
e5:51:be:3c:7b:06:d0:b6:b5:f4:ef:af:a5:e9:e9:
db:77:b4:ab:48:ef:cc:4e:0d:1c:1d:c4:8e:c4:05:
66:e9:13:a6:2a:ba:f7:b1:69:27:fa:4f:2c:10:38:
43:61:6a:7f:18:56:fd:8c:db:65:c3:24:cd:cf:fe:
e7:ca:cc:dc:62:0d:ea:b5:cd:49:ea:ce:0b:b7:27:
12:bb:79:fb:32:c6:2d:7f:b1:2c:80:53:ea:4f:fc:
71:33:6a:58:de:37:99:cb:b5:7c:0b:80:f4:2d:42:
a6:31:91:b9:8d:b0:20:81:62:29:f2:ef:32:09:76:
d7:53:8b:b5:3d:c6:6f:98:57:64:70:7e:aa:a6:04:
6f:52:04:45:4d:be:d8:7c:29:b1:8e:80:c1:d2:ff:
8f:be:29:ba:59:c1:19:90:7c:95:31:9c:fb:3e:27:
b8:f7:52:bc:23:2a:31:d9:58:19:d3:d9:04:a7:79:
8b:a5:1e:12:fc:40:7f:a3:a7:f3:d2:87:c7:6b:1f:
1e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:15:F4:16:06:48:76:28:32:B1:E6:F5:62:F8:12:F6:46:C2:1C:2E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3138392e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.92.189.0/24
Signature Algorithm: sha256WithRSAEncryption
28:76:3b:78:ec:1c:e0:17:23:a9:25:4b:74:8a:25:a9:56:0d:
ca:78:c8:78:22:c6:bc:bc:52:23:44:17:89:f6:eb:58:5b:62:
e2:89:85:51:4a:2d:4c:2a:0b:36:8c:ec:4c:11:ec:d8:c3:b7:
2f:a8:b4:aa:37:69:25:89:67:c2:b2:29:6f:72:87:bd:ae:43:
3d:97:f7:0c:bd:05:40:56:2c:2b:d5:53:c0:7e:bc:34:23:ba:
9a:c7:8f:19:1a:33:bd:69:21:b8:65:14:3f:6b:d8:b2:8a:68:
52:57:23:b6:00:e4:9f:cb:aa:7d:68:98:54:40:00:99:08:26:
a7:a6:8b:5e:88:38:7d:bf:bf:1b:f8:85:56:87:7b:17:c8:a9:
a1:8c:41:29:35:0d:9a:79:3b:ed:28:22:fc:f1:d4:36:47:d0:
e3:d0:dc:88:0f:8a:4f:fb:93:a3:45:c7:44:6c:93:c6:3d:56:
1b:32:d6:4c:04:66:2f:27:6d:30:20:5a:75:48:f2:2b:a2:59:
55:05:61:f8:13:a9:b0:9e:11:ec:ed:b3:74:a4:d9:63:f3:22:
10:ac:75:23:7b:8d:c0:21:5c:c8:bf:f8:c0:0d:9a:b0:46:6a:
40:e4:e5:a3:d1:33:87:19:a7:b7:ff:7f:ed:cf:ed:51:80:f2:
39:ef:4b:3c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaF6UQx0mjvGWFf1qFpmgE9CmcIowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTZaFw0yNTAyMjQwODUzMTZaMDMxMTAvBgNV
BAMTKDU3MTVGNDE2MDY0ODc2MjgzMkIxRTZGNTYyRjgxMkY2NDZDMjFDMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0Vzby/SGV1D9iMgpRpdrxqSoh
UnZapI4996YqcTGxEgiKkE/xeoehOIF59Xy1A65KnjQZGiZhFOK6OuVRvjx7BtC2
tfTvr6Xp6dt3tKtI78xODRwdxI7EBWbpE6YquvexaSf6TywQOENhan8YVv2M22XD
JM3P/ufKzNxiDeq1zUnqzgu3JxK7efsyxi1/sSyAU+pP/HEzaljeN5nLtXwLgPQt
QqYxkbmNsCCBYiny7zIJdtdTi7U9xm+YV2RwfqqmBG9SBEVNvth8KbGOgMHS/4++
KbpZwRmQfJUxnPs+J7j3UrwjKjHZWBnT2QSneYulHhL8QH+jp/PSh8drHx5pAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVxX0FgZIdigyseb1YvgS9kbCHC4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTMzMmUzOTMyMmUzMTM4
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACZXL0wDQYJKoZIhvcNAQELBQADggEBACh2O3jsHOAXI6klS3SKJalWDcp4yHgi
xry8UiNEF4n261hbYuKJhVFKLUwqCzaM7EwR7NjDty+otKo3aSWJZ8KyKW9yh72u
Qz2X9wy9BUBWLCvVU8B+vDQjuprHjxkaM71pIbhlFD9r2LKKaFJXI7YA5J/Lqn1o
mFRAAJkIJqemi16IOH2/vxv4hVaHexfIqaGMQSk1DZp5O+0oIvzx1DZH0OPQ3IgP
ik/7k6NFx0Rsk8Y9Vhsy1kwEZi8nbTAgWnVI8iuiWVUFYfgTqbCeEezts3Sk2WPz
IhCsdSN7jcAhXMi/+MANmrBGakDk5aPRM4cZp7f/f+3P7VGA8jnvSzw=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:15 2024 by rpki-client on console-fra.rpki-client.org